Implementing Internet Key Exchange Security Protocol on Cisco IOS XR Software
Configuration Examples for Implementing IKE Security Protocol
SC-68
Cisco IOS XR System Security Configuration Guide
Configuration Examples for Implementing IKE Security Protocol
This section provides the following configuration examples:
• Creating IKE Policies: Example, page SC-69
• Configuring a service-ipsec Interface with a Dynamic Profile: Example, page SC-69
• Configuring Easy VPN with a Local AAA: Example, page SC-70
• Configuring VRF-Aware: Example, page SC-71
Step 8
set interface {service-ipsec | service-gre}
intf-index
Example:
RP/0/RP0/CPU0:router(config-isa-prof-match)# set
interface service-ipsec 50
or
RP/0/RP0/CPU0:router(config-isa-prof-match)# set
interface service-gre 1000
Predefines the virtual interface when IKE negotiates
for IPSec SAs and the local endpoint is the IKE
responder.
• Use the service-ipsec keyword to specify the
IPSec service interfaces.
• Use the service-gre keyword to specify the
GRE service interfaces.
• Use the intf-index argument to set the range
from 1 to 65535.
Step 9
end
or
commit
Example:
RP/0/RP0/CPU0:router(config-isa-prof-match)# end
or
RP/0/RP0/CPU0:router(config-isa-prof-match)# commit
Saves configuration changes.
• When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to
the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
–
Entering no exits the configuration session
and returns the router to EXEC mode
without committing the configuration
changes.
–
Entering cancel leaves the router in the
current configuration session without
exiting or committing the configuration
changes.
• Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.
Command or Action Purpose
To Next Page
Loading...
